« previous next »
Pages: [1] 2

Author Topic: IE address bar is not working  (Read 1521 times)

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« on: November 28, 2007, 02:41:31 PM »
Can anyone help me???  For some reason my IE (v7) address bar has stopped working.  When I type any url into the address bar and hit enter, IE stops responding and I have to kill it from the task manager.  My favorites and my search bars still work.  I've deleted all temp files, cookies, etc.  I have verizon security software and registry defender - all scans come back clean.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
IE address bar is not working
« Reply #1 on: November 28, 2007, 02:54:58 PM »
Can we just do a double check
Download Hijackthis Installer from [color=\"#FF0000\"]HERE[/color]
For an alternate download location, you can try HERE
SAVE it to your desktop
Double click on HJTInstall.exe to run it
Choose Install

Hijackthis v2.0.2 will open

Under Main Menu, Select
Do a system scan and save a Log file
A log will open in Notepad
Copy and Paste the Whole log back here to the forum----It is all important!
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #2 on: November 28, 2007, 03:49:30 PM »
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:51 PM, on 11/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\SystemDoctor 2006\SDR6cw.exe
C:\WINDOWS\vVX6000.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Dell Photo AIO Printer 966\memcard.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.optonline.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/genericURL_gener...s/blank_nav.asp
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UERScw]  
O4 - HKLM\..\Run: [SystemDoctor 2006] C:\Program Files\SystemDoctor 2006\sd2006.exe
O4 - HKLM\..\Run: [SDR6cw] C:\Program Files\Common Files\SystemDoctor 2006\SDR6cw.exe -c
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [Verizon Internet Security Suite] "C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [dlcqmon.exe] "C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PestCapture] C:\Program Files\PestCapture\PestCapture.exe
O4 - HKCU\..\Run: [SystemDoctor 2006] C:\Program Files\SystemDoctor 2006\sd2006.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Registry Defender] "C:\Program Files\Registry Defender Trial\RegClean.exe"
O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Video ActiveX Object\pmsngr.exe
O4 - HKLM\..\Policies\Explorer\Run: [isamini.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe
O4 - Startup: RegistryDefender.lnk = ?
O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {38911EED-5726-41B4-9612-265534EC7A13} (Address Magic Web Edition Download Stub) - http://www.returnpath.net/registration/WebEdition.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1103673948453
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/d2c89f6...all/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_6us.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,15/mcgdmgr.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://di.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion....ebio5_2_3_0.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcq_device -   - C:\WINDOWS\system32\dlcqcoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Verizon Internet Security Suite Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WUSB54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 16302 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
IE address bar is not working
« Reply #3 on: November 28, 2007, 04:08:18 PM »
Can you post another couple logs for me
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

ALSO:
Download [color=\"red\"]SmitfraudFix[/color][/url] (by S!Ri)
Extract the contents (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

P.S. Don't download anymore antispyware/antivirus software from a popup box
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #4 on: November 28, 2007, 04:23:23 PM »
Uninstall List

ABBYY FineReader 6.0 Sprint
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player ActiveX
Adobe Reader 7.0.5 Language Support
Adobe Reader 7.0.9
AIM 6
AOL Instant Messenger
Apple Mobile Device Support
Apple Software Update
Authentium AntiVirus SDK - 2
Belltech Greeting Card Designer 5.0
Caplio RR30 Software
Conexant SmartHSFi V92 56K DF PCI Modem
Corel Paint Shop Pro X
Dell Media Experience
Dell PC Fax
Dell Photo AIO Printer 966
Dell Solution Center
Dell Support 5.0.0 (766)
Digital Line Detect
DS21Patch
DVDSentry
FaxTools
Form Fill (Windows Live Toolbar)
Google Toolbar for Internet Explorer
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Intel® PROSet
InterActual Player
iPod for Windows 2005-10-12
iPod Updater 2004-10-20
iPod Updater 2004-11-15
iTunes
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2
Java(tm) SE Runtime Environment 6 Update 1
LG USB Drivers
Linksys Wireless-G USB Network Adapter
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft User-Mode Driver Framework Feature Pack 1.0
MoreResults
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
NoAdware v5.0
Notification Utility
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
OneCare Advisor (Windows Live Toolbar)
PerfectDisk
PestCapture
PlayLinc
Popup Blocker (Windows Live Toolbar)
PowerDVD
PPSDKRedistributables
Print to Fax
QuickTime
Radialpoint Security Services
RealOne Player
Registry Defender
Rhapsody Player Engine
RPS Ad Blocker
RPS AntiFraud
RPS AntiSpyware
RPS AntiVirus
RPS App Detector
RPS AsRealtime
RPS Backup
RPS Burn
RPS Diagnostic Utility
RPS Firewall
RPS ParentalControl
RPS Performance Tool
RPS PopupBlocker
RPS Privacy Manager
RPS RpsCore
RPS Security Cleanup
RPS Zip
Rugby 2004
Samsung USB Driver (MCCI 4.24 WHQL)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB943460)
Shockwave
Smart Menus (Windows Live Toolbar)
SolSuite 2007 v7.7
Sonic DLA
Sonic RecordNow!
Sound Blaster Live!
Starware358 4.4.1.0
SystemDoctor 2006 1.1.97.0
TurboTax Deluxe 2005
TurboTax ItsDeductible 2005
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
V CAST Music
Verizon Internet Security Suite
Verizon Online DSL
Verizon Online Help & Support
Verizon Servicepoint 1.5.12
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
WildTangent Web Driver
Windows Defender
Windows Defender Signatures
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Favorites for Windows Live Toolbar
Windows Live Messenger
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
Yahoo! extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Quick Select Tool (PhotoMail)
Yahoo! Photos Easy Upload Tool

SmitFraudFix v2.256

Scan done at 13:21:24.10, Wed 11/28/2007
Run from C:\Documents and Settings\Eric Jaick\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\SystemDoctor 2006\SDR6cw.exe
C:\WINDOWS\vVX6000.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Dell Photo AIO Printer 966\memcard.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Eric Jaick


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Eric Jaick\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

C:\DOCUME~1\ERICJA~1\STARTM~1\Programs\PestCapture FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ERICJA~1\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop

C:\DOCUME~1\ERICJA~1\Desktop\PestCapture.lnk FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\PestCapture\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
 

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
DNS Server Search Order: 192.168.1.1
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{661EFD31-1B61-42B5-8207-4CAB9B6F58B0}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCAE2F87-F9B6-4806-AAE8-4E6A78928275}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D4795678-6800-44BD-A3AF-0C956A0FD4AC}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{FF93A0B7-80E0-4673-800C-DEA69C5A29CD}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{661EFD31-1B61-42B5-8207-4CAB9B6F58B0}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCAE2F87-F9B6-4806-AAE8-4E6A78928275}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D4795678-6800-44BD-A3AF-0C956A0FD4AC}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{FF93A0B7-80E0-4673-800C-DEA69C5A29CD}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{661EFD31-1B61-42B5-8207-4CAB9B6F58B0}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BCAE2F87-F9B6-4806-AAE8-4E6A78928275}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D4795678-6800-44BD-A3AF-0C956A0FD4AC}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{FF93A0B7-80E0-4673-800C-DEA69C5A29CD}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
IE address bar is not working
« Reply #5 on: November 28, 2007, 04:53:08 PM »
I suggest that you print the remainder of the instructions, or save them to a text file on desktop for reference

Close down all browser windows, including this one

Disable Windows Defenders protections so it won't interfere with any fixes we try, leave this disabled till we have you totally clean
Open Windows Defender from START>>ALL Programs
Click on Tools, General Settings.
Scroll down and uncheck Turn on real-time protection (recommended).
After you uncheck this, click on the Save button and close Windows Defender.

Access your add/remove programs and remove any of the following you can
Don't reboot the computer until I tell you to

The first 2 are older versions of Sun Java, we'll update this in a bit
Java 2 Runtime Environment, SE v1.4.2
Javaâ„¢ SE Runtime Environment 6 Update 1

Don't reboot yet, instead keep uninstalling the next ones if you can
MoreResults
PestCapture
Starware358
SystemDoctor 2006
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar (Remove Only)
WildTangent Web Driver

If you didn't pay for the next 2, remove them also
NoAdware v5.0
Registry Defender

Afterwards:
Please reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
In safe mode

Open the SmitfraudFix folder again and double-click smitfraudfix.cmd

=============================================================
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't
Boot to Normal Windows
I'll need to see the log it generates later, by default it is located at
C:\rapport.txt
=============================================================

Back in Windows
Go ahead and download the OFFLINE installation of Sun Java to your desktop
http://www.java.com/en/download/manual.jsp
Double click on the installer on desktop and follow the prompts to install

Afterwards:
Download this file - Combofix.exe and save it ONLY to your desktop of the infected computer

Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
It's default location is C:\Combofix.txt

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


Post back all the following, even if it takes more than one reply to do so

1. Post the log from Combofix
2. Post the log from Smitfraudfix
3. Post a fresh hijackthis log
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #6 on: November 28, 2007, 06:47:50 PM »
ComboFix 07-11-29.3 - Eric Jaick 2007-11-28 15:31:54.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.148 [GMT -8:00]
Running from: C:\Documents and Settings\Eric Jaick\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Eric Jaick\Application Data\SpamBlocker
C:\Documents and Settings\Eric Jaick\Application Data\SystemDoctor 2006
C:\Documents and Settings\Eric Jaick\Application Data\SystemDoctor 2006\activator_info.txt
C:\Documents and Settings\Eric Jaick\Application Data\SystemDoctor 2006\Logs\update.log
C:\Documents and Settings\Eric Jaick\err.log
C:\Documents and Settings\Eric Jaick\g2mdlhlpx.exe
C:\Program Files\Common Files\companion wizard
C:\Program Files\Common Files\Companion Wizard\compwiz.exe
C:\Program Files\Common Files\companion wizard\WapCHK.dll
C:\Program Files\p2pnetworks
C:\Program Files\p2pnetworks\alp2plib.log.bak
C:\Program Files\Starware358
C:\Program Files\Starware358\bin\Starware358.dll
C:\Program Files\SystemDoctor 2006 Free
C:\Program Files\SystemDoctor 2006 Free\bhpv.dat
C:\Program Files\SystemDoctor 2006 Free\bhupdater.dat
C:\Program Files\SystemDoctor 2006 Free\ModelLib.dll
C:\Program Files\SystemDoctor 2006 Free\mProp
C:\Program Files\SystemDoctor 2006 Free\propbh.xml
C:\RECYCLER\RB1A7.tmp
C:\WA7P
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\wpcap.dll

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_NPF
-------\LEGACY_VSPF
-------\LEGACY_VSPF_HK
-------\NPF


(((((((((((((((((((((((((   Files Created from 2007-10-28 to 2007-11-29  )))))))))))))))))))))))))))))))
.

2007-11-28 15:25 . 2007-09-24 23:31   69,632   --a------   C:\WINDOWS\SYSTEM32\javacpl.cpl
2007-11-28 15:24 . 2007-11-28 15:24   <DIR>   d--------   C:\Program Files\Common Files\Java
2007-11-28 13:21 . 2007-11-28 15:12   5,110   --a------   C:\WINDOWS\SYSTEM32\tmp.reg
2007-11-28 12:47 . 2007-11-28 12:47   <DIR>   d--------   C:\Program Files\Trend Micro
2007-11-28 11:59 . 2007-11-28 11:59   15,452,536   --a------   C:\Program Files\IE7-WindowsXP-x86-enu.exe
2007-11-27 16:13 . 2007-11-28 10:40   <DIR>   d--------   C:\Program Files\Registry Defender
2007-11-17 09:18 . 2007-11-17 09:18   <DIR>   d--------   C:\Program Files\Belltech Greeting Card Designer
2007-11-14 18:28 . 2007-11-29 15:38   54,156   --ah-----   C:\WINDOWS\QTFont.qfn
2007-11-14 18:28 . 2007-11-14 18:28   1,409   --a------   C:\WINDOWS\QTFont.for
2007-11-14 18:27 . 2007-11-14 18:27   <DIR>   d--------   C:\Program Files\iTunes
2007-11-14 18:19 . 2007-11-14 18:23   <DIR>   d--------   C:\Program Files\QuickTime

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-29 23:38   ---------   d-----w   C:\Program Files\Dl_cats
2007-11-28 23:25   ---------   d-----w   C:\Program Files\Java
2007-11-28 22:53   ---------   d-----w   C:\Program Files\Viewpoint
2007-11-28 22:53   ---------   d-----w   C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint
2007-11-28 22:53   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-11-28 18:40   ---------   d-----w   C:\Program Files\Yahoo!
2007-11-26 23:28   ---------   d--h--r   C:\Documents and Settings\All Users\Application Data\yahoo!
2007-11-22 06:37   ---------   d--h--r   C:\Documents and Settings\Eric Jaick\Application Data\yahoo!
2007-11-15 02:27   ---------   d-----w   C:\Program Files\iPod
2007-11-13 16:44   23,504   ----a-w   C:\Documents and Settings\Eric Jaick\Application Data\GDIPFONTCACHEV1.DAT
2007-10-25 15:29   ---------   d-----w   C:\Program Files\AIM6
2007-10-25 15:26   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-10-20 17:52   ---------   d-----w   C:\Program Files\Dell Photo AIO Printer 966
2007-10-20 17:52   ---------   d-----w   C:\Program Files\Dell PC Fax
2007-10-18 19:31   ---------   d-----w   C:\Program Files\Corel
2007-10-18 05:42   ---------   d-----w   C:\Program Files\Dell
2007-10-18 05:41   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2007-10-18 05:31   ---------   d-----w   C:\Program Files\Real
2007-10-18 05:31   ---------   d-----w   C:\Program Files\McAfee.com
2007-10-18 05:31   ---------   d-----w   C:\Program Files\Creative
2007-10-18 05:30   ---------   d-----w   C:\Program Files\Apple Software Update
2007-09-30 10:00   ---------   d-----w   C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-09-29 15:58   ---------   d-----w   C:\Documents and Settings\Eric Jaick\Application Data\Verizon
2007-09-29 15:56   ---------   d-----w   C:\Program Files\Raxco
2007-09-29 15:56   ---------   d-----w   C:\Program Files\Common Files\Scanner
2007-09-29 15:56   ---------   d-----w   C:\Program Files\Common Files\Authentium
2007-09-29 15:56   ---------   d-----w   C:\Program Files\CA
2007-09-29 15:56   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Raxco
2007-09-29 15:55   ---------   d-----w   C:\Program Files\Verizon
2007-09-29 15:55   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Verizon
2007-09-18 17:10   58,978,096   ----a-w   C:\Program Files\lcweb.exe
2007-08-14 00:31   1,469,480   ----a-w   C:\Program Files\CouponPrinter.exe
2007-07-31 21:38   2,260   ----a-w   C:\Program Files\avatar.jpg
2007-07-13 02:33   11,728,792   ----a-w   C:\Program Files\solsuite2007_v77_setup.exe
2007-01-02 16:07   563,712   ----a-w   C:\Documents and Settings\Eric Jaick\gotomypc_370.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 20:02]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-10-04 07:20]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]
"Registry Defender"="C:\Program Files\Registry Defender Trial\RegClean.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:56 C:\WINDOWS\SYSTEM32\rundll32.exe]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2003-08-05 23:04]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [2003-08-13 08:27]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 17:47]
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-02 23:01]
"SpySpotter System Defender"="C:\Program Files\SpySpotter3\Defender.exe" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-04-03 14:12]
"A Verizon App"="C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE" [2005-05-23 09:20]
"UERScw"=" " []
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2006-04-27 16:36]
"VX6000"="C:\WINDOWS\vVX6000.exe" [2006-04-25 19:09]
"FaxCenterServer"="C:\Program Files\Dell PC Fax\fm3032.exe" [2006-12-12 00:22]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44]
"VerizonServicepoint.exe"="C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" [2007-05-11 14:20]
"Verizon Internet Security Suite"="C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe" [2007-08-07 16:31]
"-FreedomNeedsReboot"="C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe" [2007-08-07 16:31]
"dlcqmon.exe"="C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe" [2007-01-12 09:21]
"MemoryCardManager"="C:\Program Files\Dell Photo AIO Printer 966\memcard.exe" [2006-12-12 00:22]
"DLCQCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll" [2006-10-15 21:31]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-19 20:16]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2003-11-12 20:36]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2003-11-12 20:30:59]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 21:01:04]

R2 dlcq_device;dlcq_device;C:\WINDOWS\system32\dlcqcoms.exe -service
R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamSvc.exe"
R3 VX6000;Microsoft LifeCam VX-6000;C:\WINDOWS\system32\DRIVERS\VX6000Xp.sys
S3 Radialpoint Security Services;Verizon Internet Security Suite;C:\WINDOWS\system32\dllhost.exe /Processid:{80098F68-1220-4F43-80A8-15C7395B8874}
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM);C:\WINDOWS\system32\DRIVERS\sscdserd.sys
S3 USB_RNDIS_XP;Westell WireSpeed Dual Connect Modem;C:\WINDOWS\system32\DRIVERS\usb8023.sys
S3 WUSB54GPV4SRV;Linksys Home Wireless-G USB Adaptor Driver;C:\WINDOWS\system32\DRIVERS\rt2500usb.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-11-22 01:56:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-28 23:26:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
"2007-11-28 10:07:01 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2007-11-29 23:35:15 C:\WINDOWS\Tasks\User_Feed_Synchronization-{C6DF8D95-45B6-40CC-AFE5-646C59423771}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-29 15:38:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-11-29 15:41:03 - machine was rebooted
.
   --- E O F ---


SmitFraudFix v2.256

Scan done at 15:12:12.68, Wed 11/28/2007
Run from C:\Documents and Settings\Eric Jaick\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1       localhost

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\Program Files\PestCapture\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{661EFD31-1B61-42B5-8207-4CAB9B6F58B0}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCAE2F87-F9B6-4806-AAE8-4E6A78928275}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D4795678-6800-44BD-A3AF-0C956A0FD4AC}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{FF93A0B7-80E0-4673-800C-DEA69C5A29CD}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{661EFD31-1B61-42B5-8207-4CAB9B6F58B0}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCAE2F87-F9B6-4806-AAE8-4E6A78928275}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D4795678-6800-44BD-A3AF-0C956A0FD4AC}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{FF93A0B7-80E0-4673-800C-DEA69C5A29CD}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{661EFD31-1B61-42B5-8207-4CAB9B6F58B0}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{BCAE2F87-F9B6-4806-AAE8-4E6A78928275}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D4795678-6800-44BD-A3AF-0C956A0FD4AC}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{FF93A0B7-80E0-4673-800C-DEA69C5A29CD}: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
 
Registry Cleaning done.
 
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:44:16 PM, on 11/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\WINDOWS\vVX6000.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
C:\Program Files\Dell Photo AIO Printer 966\memcard.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/genericURL_gener...s/blank_nav.asp
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [UERScw]  
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [Verizon Internet Security Suite] "C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [dlcqmon.exe] "C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Registry Defender] "C:\Program Files\Registry Defender Trial\RegClean.exe"
O4 - Startup: RegistryDefender.lnk = ?
O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {38911EED-5726-41B4-9612-265534EC7A13} (Address Magic Web Edition Download Stub) - http://www.returnpath.net/registration/WebEdition.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1103673948453
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/d2c89f6...all/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_6us.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,15/mcgdmgr.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://di.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion....ebio5_2_3_0.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcq_device -   - C:\WINDOWS\system32\dlcqcoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Verizon Internet Security Suite Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
O23 - Service: WUSB54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 13759 bytes
Logged

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #7 on: November 28, 2007, 06:51:43 PM »
I have done everything you told me to - the 3 logs are now posted.  


A couple of sidenotes......
1. My Windows Defender was NOT running.... In fact when I rebooted I get an "Application failed to initialize: 0x800106ba  A problem caused Windows Defender Services to Stop...."

2.  I could not uninstall WildTangent Web Driver.  It said I needed admin privileges (although I am logged on as the only user and have admin rights)

Just thought you should know
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
IE address bar is not working
« Reply #8 on: November 28, 2007, 11:08:19 PM »
Quote
1. My Windows Defender was NOT running.... In fact when I rebooted I get an "Application failed to initialize: 0x800106ba A problem caused Windows Defender Services to Stop...."
Don't worry about Windows Defender right now, we'll deal with it once your clean

I noticed this in your uninstall list
Authentium AntiVirus
If this is not the Antivirus software install by Verizon Internet security
I suggest that you uninstall it, having more than one active AV protection, can and will cause conflicts
Reboot the computer afterwards:

Do a "System scan only" with Hijackthis and put a check next to these entries:

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/genericURL_gener...s/blank_nav.asp
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)

O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [UERScw]
O4 - HKCU\..\Run: [Registry Defender] "C:\Program Files\Registry Defender Trial\RegClean.exe"
O4 - Startup: RegistryDefender.lnk = ?
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab



After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis



==Open notepad and copy/paste the text in the quotebox below into it:
Don't use anything else than notepad or the script will not work

Quote
Folder::
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\WINDOWS\WT
C:\Program Files\SpySpotter3
C:\Program Files\AWS

Save this as txtfile on your desktop
CFScript

Drag CFScript.txt into ComboFix.exe
Combofix will start
Don't doubleclick on it, let it complete

When finished, it shall produce a log for you again, with the same name C:\ComboFix.txt..

Post back the log from Combofix and again a fresh hijackthis log
« Last Edit: November 28, 2007, 11:08:53 PM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #9 on: November 29, 2007, 01:33:26 AM »
I tried to find Authentium in my add/remove programs but it wasn't listed.  I found the actual files but it won't let me delete them - so I left them.  I don't know where they came from....

ComboFix 07-11-29.3 - Eric Jaick 2007-11-29 22:15:52.2 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.173 [GMT -8:00]
Running from: C:\Documents and Settings\Eric Jaick\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Eric Jaick\Desktop\CFScript.txt
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\ComponentRegistry.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\DownLoadHist.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\HostRegistry.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\MetaStreamConfig.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\MetaStreamID.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\MTSDownloadSites.txt
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\-1536214910.swf
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\-1946284087.mtz
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\1448018502.swf
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\1449354722.mtx
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\223101848_1.mts
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\253621806.mtx
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\645625622.swf
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\URLCache.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01\-998918460.mtj&p2=0&p3=12277100020805394462610114243687&p4=0
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01\2140412012.mtj&p2=1&p3=04437363376013074353172827762849&p4=50335504
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01\995649651.swf
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01\URLCache.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_02\2015575055.mtj&p2=1&p3=07228406137200234480810805802976&p4=50335505
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_02\407034558.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_02\URLCache.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_03\-322505998.mtj&p2=0&p3=12277100020805394462610114243687&p4=0
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_03\1336996767.swf
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_03\URLCache.ini
C:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\Resources\UpdateVersionList_v2.mtx
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\-1241215004.mtx
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_00\URLCache.ini
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01\-1233786184.mtx
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01\-1355542221.mts
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_01\URLCache.ini
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_02\1119833740.mtj&p2=1&p3=03056062238214252678336717806627&p4=50335505
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_02\URLCache.ini
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\ResourceFolder_03\URLCache.ini
C:\Documents and Settings\Eric Jaick\Application Data\Viewpoint\Viewpoint Media Player\Resources\UpdateVersionList_v2.mtx
C:\WINDOWS\WT
C:\WINDOWS\WT\data.wts
C:\WINDOWS\WT\updater\wcmdmgr.exe
C:\WINDOWS\WT\updater\wcmdmgrl.exe
C:\WINDOWS\WT\updater\wt.ini
C:\WINDOWS\WT\WDInUsePlugin.dll
C:\WINDOWS\WT\webdriver.dll
C:\WINDOWS\WT\webdriver\4.1.1\actorobject.dll
C:\WINDOWS\WT\webdriver\4.1.1\dx5drv.dll
C:\WINDOWS\WT\webdriver\4.1.1\dx7drv.dll
C:\WINDOWS\WT\webdriver\4.1.1\objectbundle.dll
C:\WINDOWS\WT\webdriver\4.1.1\sound.dll
C:\WINDOWS\WT\webdriver\4.1.1\wdcaps.ded
C:\WINDOWS\WT\webdriver\4.1.1\wdengine.dll
C:\WINDOWS\WT\webdriver\4.1.1\webdriver.dll
C:\WINDOWS\WT\webdriver\4.1.1\wthost.exe
C:\WINDOWS\WT\webdriver\4.1.1\wthostctl.dll
C:\WINDOWS\WT\webdriver\4.1.1\wtmulti.dll
C:\WINDOWS\WT\webdriver\4.1.1\wtmulti.jar
C:\WINDOWS\WT\webdriver\4.1.1\wtwmplug.ax
C:\WINDOWS\WT\webdriver\4.1.1\wtwmplug.ini
C:\WINDOWS\WT\webdriver\actorobject.dll
C:\WINDOWS\WT\webdriver\dx5drv.dll
C:\WINDOWS\WT\webdriver\dx7drv.dll
C:\WINDOWS\WT\webdriver\export.dat
C:\WINDOWS\WT\webdriver\jdriver.dll
C:\WINDOWS\WT\webdriver\objectbundle.dll
C:\WINDOWS\WT\webdriver\rdriver.dll
C:\WINDOWS\WT\webdriver\sound.dll
C:\WINDOWS\WT\webdriver\wdcaps.ded
C:\WINDOWS\WT\webdriver\wdengine.dll
C:\WINDOWS\WT\webdriver\webdriver.dll
C:\WINDOWS\WT\webdriver\wildtangent.jar
C:\WINDOWS\WT\webdriver\wtdmmp.dll
C:\WINDOWS\WT\webdriver\wtdmmpi.jar
C:\WINDOWS\WT\webdriver\wtdmmpv.dll
C:\WINDOWS\WT\webdriver\wthost.exe
C:\WINDOWS\WT\webdriver\wthostctl.dll
C:\WINDOWS\WT\webdriver\wtmulti.dll
C:\WINDOWS\WT\webdriver\wtmulti.jar
C:\WINDOWS\WT\webdriver\wtwmplug.ax
C:\WINDOWS\WT\webdriver\wtwmplug.ini
C:\WINDOWS\WT\wt3d.dll
C:\WINDOWS\WT\wt3d.ini
C:\WINDOWS\WT\wtcda\wtcdatt.exe
C:\WINDOWS\WT\wtupdates\CDALogger\4.1.0.001\files\CDALogger0401.dll
C:\WINDOWS\WT\wtupdates\CDALogger\4.1.0.001\files\GameData.cdaet
C:\WINDOWS\WT\wtupdates\DMMP\3.0.2.000\files\controlPanel\index.html
C:\WINDOWS\WT\wtupdates\DMMP\3.0.2.000\files\update_info\data.wts
C:\WINDOWS\WT\wtupdates\DMMP\3.0.2.000\files\wtdmmp.dll
C:\WINDOWS\WT\wtupdates\DMMP\3.0.2.000\files\wtdmmpi.jar
C:\WINDOWS\WT\wtupdates\DMMP\3.0.2.000\files\wtdmmpv.dll
C:\WINDOWS\WT\wtupdates\DMMP\3.0.2.000\install\DMMP.cdanfo
C:\WINDOWS\WT\wtupdates\DMMP\3.0.2.000\install\DMMP_Uninstall.cdas
C:\WINDOWS\WT\wtupdates\DRM\3.2.0.19\files\controlPanel\index.html
C:\WINDOWS\WT\wtupdates\DRM\3.2.0.19\files\DRM0302.dll
C:\WINDOWS\WT\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar
C:\WINDOWS\WT\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll
C:\WINDOWS\WT\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll
C:\WINDOWS\WT\wtupdates\DRM\3.2.0.19\files\wt.sto
C:\WINDOWS\WT\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo
C:\WINDOWS\WT\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\actorobject.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\controlPanel\index.html
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\dx5drv.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\dx7drv.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\jdriver.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\legacy\data.wts
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\legacy\webdriver.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\legacy\wt3d.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\npWTHost.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\ObjectBundle.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\rdriver.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\Sound.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\update_info\data.wts
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wdcaps.ded
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wdengine.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\Webd331.cdanfo
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\webdriver.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wildtangent.jar
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wt3d.ini
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\WTHost.exe
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\WTHostCtl.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wtmulti.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wtmulti.jar
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wtvh.dll
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wtwmplug.ax
C:\WINDOWS\WT\wtupdates\webd\4.1.1\files\wtwmplug.ini
C:\WINDOWS\WT\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo
C:\WINDOWS\WT\wtupdates\webd\4.1.1\install\webd4_1_1_filelist.cdas
C:\WINDOWS\WT\wtupdates\webd\4.1.1\install\Webd4_1_1_Install.cdas
C:\WINDOWS\WT\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas
C:\WINDOWS\WT\wtupdates\wtcda\files\4.0.0.370\wtcdatt.exe
C:\WINDOWS\WT\wtupdates\wtcda\update_info\data.wts
C:\WINDOWS\WT\wtupdates\wtdmmp\update_info\data.wts
C:\WINDOWS\WT\wtupdates\wtupdater\appinfo.dat
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\actorobject.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\dx5drv.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\dx7drv.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\legacy\data.wts
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\legacy\webdriver.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\legacy\wt3d.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\npwthost.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\npwtplug.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\nsiwthostplugin.xpt
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\objectbundle.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\rdriver.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\sound.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wdcaps.ded
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wdengine.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\webdriver.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wildtangent.jar
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wthost.exe
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wthost.jar
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wthostctl.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wtmulti.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wtmulti.jar
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wtvh.dll
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wtwmplug.ax
C:\WINDOWS\WT\wtupdates\wtwebdriver\files\3.2.0.007\wtwmplug.ini
C:\WINDOWS\WT\wtupdates\wtwebdriver\update_info\data.wts
C:\WINDOWS\WT\wtvh.dll

.
(((((((((((((((((((((((((   Files Created from 2007-10-28 to 2007-11-30  )))))))))))))))))))))))))))))))
.

2007-11-28 15:25 . 2007-09-24 23:31   69,632   --a------   C:\WINDOWS\SYSTEM32\javacpl.cpl
2007-11-28 15:24 . 2007-11-28 15:24   <DIR>   d--------   C:\Program Files\Common Files\Java
2007-11-28 13:21 . 2007-11-28 15:12   5,110   --a------   C:\WINDOWS\SYSTEM32\tmp.reg
2007-11-28 12:47 . 2007-11-28 12:47   <DIR>   d--------   C:\Program Files\Trend Micro
2007-11-28 11:59 . 2007-11-28 11:59   15,452,536   --a------   C:\Program Files\IE7-WindowsXP-x86-enu.exe
2007-11-27 16:13 . 2007-11-28 10:40   <DIR>   d--------   C:\Program Files\Registry Defender
2007-11-17 09:18 . 2007-11-17 09:18   <DIR>   d--------   C:\Program Files\Belltech Greeting Card Designer
2007-11-14 18:28 . 2007-11-29 22:24   54,156   --ah-----   C:\WINDOWS\QTFont.qfn
2007-11-14 18:28 . 2007-11-14 18:28   1,409   --a------   C:\WINDOWS\QTFont.for
2007-11-14 18:27 . 2007-11-14 18:27   <DIR>   d--------   C:\Program Files\iTunes
2007-11-14 18:19 . 2007-11-14 18:23   <DIR>   d--------   C:\Program Files\QuickTime
2007-10-22 19:21 . 2007-10-22 19:21   244   --ah-----   C:\sqmnoopt19.sqm
2007-10-21 19:16 . 2007-10-21 19:16   244   --ah-----   C:\sqmnoopt18.sqm
2007-10-21 12:09 . 2007-10-21 12:09   244   --ah-----   C:\sqmnoopt17.sqm
2007-10-20 20:14 . 2007-10-20 20:14   244   --ah-----   C:\sqmnoopt16.sqm
2007-10-20 17:13 . 2007-10-20 17:13   244   --ah-----   C:\sqmnoopt15.sqm
2007-10-20 17:00 . 2007-10-20 17:00   244   --ah-----   C:\sqmnoopt14.sqm
2007-10-19 22:31 . 2007-10-19 22:31   244   --ah-----   C:\sqmnoopt13.sqm
2007-10-19 20:16 . 2007-10-19 20:16   65,536   --a------   C:\WINDOWS\SYSTEM32\QuickTimeVR.qtx
2007-10-19 20:16 . 2007-10-19 20:16   49,152   --a------   C:\WINDOWS\SYSTEM32\QuickTime.qts
2007-10-17 21:39 . 2007-10-20 09:52   <DIR>   d--------   C:\Program Files\Dell Photo AIO Printer 966
2007-10-17 21:32 . 2007-10-17 21:32   244   --ah-----   C:\sqmnoopt12.sqm
2007-10-14 21:09 . 2007-10-14 21:09   244   --ah-----   C:\sqmnoopt11.sqm

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-30 06:25   ---------   d-----w   C:\Program Files\Dl_cats
2007-11-30 01:04   ---------   d-----w   C:\Program Files\AIM
2007-11-30 01:04   ---------   d-----w   C:\Documents and Settings\Eric Jaick\Application Data\Aim
2007-11-30 00:37   ---------   d-----w   C:\Program Files\Windows Defender
2007-11-28 23:25   ---------   d-----w   C:\Program Files\Java
2007-11-28 22:53   ---------   d-----w   C:\Program Files\Viewpoint
2007-11-28 18:40   ---------   d-----w   C:\Program Files\Yahoo!
2007-11-26 23:28   ---------   d--h--r   C:\Documents and Settings\All Users\Application Data\yahoo!
2007-11-22 06:37   ---------   d--h--r   C:\Documents and Settings\Eric Jaick\Application Data\yahoo!
2007-11-15 02:27   ---------   d-----w   C:\Program Files\iPod
2007-11-13 16:44   23,504   ----a-w   C:\Documents and Settings\Eric Jaick\Application Data\GDIPFONTCACHEV1.DAT
2007-10-25 15:29   ---------   d-----w   C:\Program Files\AIM6
2007-10-25 15:26   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-10-20 17:52   ---------   d-----w   C:\Program Files\Dell PC Fax
2007-10-18 19:31   ---------   d-----w   C:\Program Files\Corel
2007-10-18 05:42   ---------   d-----w   C:\Program Files\Dell
2007-10-18 05:41   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2007-10-18 05:31   ---------   d-----w   C:\Program Files\Real
2007-10-18 05:31   ---------   d-----w   C:\Program Files\McAfee.com
2007-10-18 05:31   ---------   d-----w   C:\Program Files\Creative
2007-10-18 05:30   ---------   d-----w   C:\Program Files\Apple Software Update
2007-09-30 10:00   ---------   d-----w   C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-09-29 15:58   ---------   d-----w   C:\Documents and Settings\Eric Jaick\Application Data\Verizon
2007-09-29 15:56   ---------   d-----w   C:\Program Files\Raxco
2007-09-29 15:56   ---------   d-----w   C:\Program Files\Common Files\Scanner
2007-09-29 15:56   ---------   d-----w   C:\Program Files\Common Files\Authentium
2007-09-29 15:56   ---------   d-----w   C:\Program Files\CA
2007-09-29 15:56   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Raxco
2007-09-29 15:55   ---------   d-----w   C:\Program Files\Verizon
2007-09-29 15:55   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Verizon
2007-09-18 17:10   58,978,096   ----a-w   C:\Program Files\lcweb.exe
2007-08-14 00:31   1,469,480   ----a-w   C:\Program Files\CouponPrinter.exe
2007-07-31 21:38   2,260   ----a-w   C:\Program Files\avatar.jpg
2007-07-13 02:33   11,728,792   ----a-w   C:\Program Files\solsuite2007_v77_setup.exe
2007-01-02 16:07   563,712   ----a-w   C:\Documents and Settings\Eric Jaick\gotomypc_370.exe
.

(((((((((((((((((((((((((((((   snapshot@2007-11-29_15.39.36.42   )))))))))))))))))))))))))))))))))))))))))
.
- 2007-11-29 23:36:01   6,988   ----a-w   C:\WINDOWS\SoftwareDistribution\EventCache\{A4D152F8-A7B2-49C6-BD38-56C01C85663F}.bin
+ 2007-11-30 00:43:34   12,444   ----a-w   C:\WINDOWS\SoftwareDistribution\EventCache\{A4D152F8-A7B2-49C6-BD38-56C01C85663F}.bin
- 2007-03-16 01:19:28   1,476,992   ----a-w   C:\WINDOWS\SYSTEM32\LegitCheckControl.dll
+ 2007-10-11 22:12:48   1,468,968   ----a-w   C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
- 2007-11-05 01:34:25   53,436   ----a-w   C:\WINDOWS\SYSTEM32\PERFC009.DAT
+ 2007-11-29 23:42:33   53,436   ----a-w   C:\WINDOWS\SYSTEM32\PERFC009.DAT
- 2007-11-05 01:34:25   381,692   ----a-w   C:\WINDOWS\SYSTEM32\PERFH009.DAT
+ 2007-11-29 23:42:33   381,692   ----a-w   C:\WINDOWS\SYSTEM32\PERFH009.DAT
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-13 20:02]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-10-04 07:20]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]
"Registry Defender"="C:\Program Files\Registry Defender Trial\RegClean.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:56 C:\WINDOWS\SYSTEM32\rundll32.exe]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2003-08-05 23:04]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [2003-08-13 08:27]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 17:47]
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-02 23:01]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-04-03 14:12]
"A Verizon App"="C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE" [2005-05-23 09:20]
"UERScw"=" " []
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2006-04-27 16:36]
"VX6000"="C:\WINDOWS\vVX6000.exe" [2006-04-25 19:09]
"FaxCenterServer"="C:\Program Files\Dell PC Fax\fm3032.exe" [2006-12-12 00:22]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44]
"VerizonServicepoint.exe"="C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" [2007-05-11 14:20]
"Verizon Internet Security Suite"="C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe" [2007-08-07 16:31]
"-FreedomNeedsReboot"="C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe" [2007-08-07 16:31]
"dlcqmon.exe"="C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe" [2007-01-12 09:21]
"MemoryCardManager"="C:\Program Files\Dell Photo AIO Printer 966\memcard.exe" [2006-12-12 00:22]
"DLCQCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll" [2006-10-15 21:31]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-19 20:16]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2003-11-12 20:36]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2003-11-12 20:30:59]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-12 21:01:04]

R2 dlcq_device;dlcq_device;C:\WINDOWS\system32\dlcqcoms.exe -service
R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamSvc.exe"
R3 VX6000;Microsoft LifeCam VX-6000;C:\WINDOWS\system32\DRIVERS\VX6000Xp.sys
S3 Radialpoint Security Services;Verizon Internet Security Suite;C:\WINDOWS\system32\dllhost.exe /Processid:{80098F68-1220-4F43-80A8-15C7395B8874}
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
S3 sscdserd;SAMSUNG CDMA Modem Diagnostic Serial Port (WDM);C:\WINDOWS\system32\DRIVERS\sscdserd.sys
S3 USB_RNDIS_XP;Westell WireSpeed Dual Connect Modem;C:\WINDOWS\system32\DRIVERS\usb8023.sys
S3 WUSB54GPV4SRV;Linksys Home Wireless-G USB Adaptor Driver;C:\WINDOWS\system32\DRIVERS\rt2500usb.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-11-22 01:56:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-30 06:26:15 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
"2007-11-28 10:07:01 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2007-11-29 23:50:13 C:\WINDOWS\Tasks\User_Feed_Synchronization-{C6DF8D95-45B6-40CC-AFE5-646C59423771}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-29 22:25:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************
.
Completion time: 2007-11-29 22:27:59 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-29 15:41
.
   --- E O F ---



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:29:14 PM, on 11/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE
C:\WINDOWS\vVX6000.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe
C:\Program Files\Dell Photo AIO Printer 966\memcard.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE
O4 - HKLM\..\Run: [UERScw]  
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [Verizon Internet Security Suite] "C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [dlcqmon.exe] "C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Registry Defender] "C:\Program Files\Registry Defender Trial\RegClean.exe"
O4 - Startup: RegistryDefender.lnk = ?
O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {38911EED-5726-41B4-9612-265534EC7A13} (Address Magic Web Edition Download Stub) - http://www.returnpath.net/registration/WebEdition.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1103673948453
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/d2c89f6...all/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_6us.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,15/mcgdmgr.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://di.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion....ebio5_2_3_0.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcq_device -   - C:\WINDOWS\system32\dlcqcoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Verizon Internet Security Suite Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
O23 - Service: WUSB54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 12974 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
IE address bar is not working
« Reply #10 on: November 29, 2007, 10:15:50 PM »
Quote
I tried to find Authentium in my add/remove programs but it wasn't listed
Don't worry about it, it may be related to Verizon Internet Security
As well as Pest Patrol

 still see many entries in your hijackthis log that should be gone, but are still visible
Can you do the following

If possible, can you disable Pest Patrol till we finish the next fixes please
Open PestPatrol Anti-Spyware; Click Advanced Settings then Stop Active Protection Now; Click Apply then OK

===Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as fix.reg

Save this file on the desktop
Ensure to copy from REGEDIT4 and down in the code box

Code: [Select]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe"
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe"
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe"
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe"
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe"
"A Verizon App"="C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE"
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe"
"VX6000"="C:\WINDOWS\vVX6000.exe"
"FaxCenterServer"="C:\Program Files\Dell PC Fax\fm3032.exe"
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe"
"VerizonServicepoint.exe"="C:\Program Files\Verizon\VSP\VerizonServicepoint.exe"
"Verizon Internet Security Suite"="C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe"
"-FreedomNeedsReboot"="C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe"
"dlcqmon.exe"="C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
"MemoryCardManager"="C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
"DLCQCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
Double click on fix.reg and allow to add/merge to the registry at the prompt

Do a "System scan only" with Hijackthis and put a check next to these entries:

O4 - HKCU\..\Run: [Registry Defender] "C:\Program Files\Registry Defender Trial\RegClean.exe"
O4 - Startup: RegistryDefender.lnk = ?

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab



After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Come back and post a fresh hijackthis log and let me know how things are running please
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #11 on: November 30, 2007, 02:58:58 AM »
Pest Patrol doesn't open.  I get a pop up asking what type of program it should be opened in.  I looked under C://program files/CA.... but those don't allow me to disable it either.

My pc seems to be running faster (on start up) but the address bar still doesn't work.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:24 PM, on 11/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\RPS.exe
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {38911EED-5726-41B4-9612-265534EC7A13} (Address Magic Web Edition Download Stub) - http://www.returnpath.net/registration/WebEdition.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1103673948453
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/d2c89f6...all/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_6us.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,15/mcgdmgr.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://di.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion....ebio5_2_3_0.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcq_device -   - C:\WINDOWS\system32\dlcqcoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Verizon Internet Security Suite Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
O23 - Service: WUSB54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 9841 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
IE address bar is not working
« Reply #12 on: November 30, 2007, 03:44:37 AM »
Did you copy fix.reg properly, some values are missing that should of returned

Can you do the following
delete fix.reg on desktop, let's redo that step

===Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as fix.reg

Save this file on the desktop
Ensure to copy from REGEDIT4 and down in the code box

Code: [Select]
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe"
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe"
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe"
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe"
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe"
"A Verizon App"="C:\PROGRA~1\VERIZO~2\HELPSU~1\VERIZO~1.EXE"
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe"
"VX6000"="C:\WINDOWS\vVX6000.exe"
"FaxCenterServer"="C:\Program Files\Dell PC Fax\fm3032.exe"
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe"
"VerizonServicepoint.exe"="C:\Program Files\Verizon\VSP\VerizonServicepoint.exe"
"Verizon Internet Security Suite"="C:\Program Files\Verizon\Verizon Internet Security Suite\Rps.exe"
"-FreedomNeedsReboot"="C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe"
"dlcqmon.exe"="C:\Program Files\Dell Photo AIO Printer 966\dlcqmon.exe"
"MemoryCardManager"="C:\Program Files\Dell Photo AIO Printer 966\memcard.exe"
"DLCQCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
Double click on fix.reg and allow to add/merge to the registry at the prompt

Reboot the computer

Back in Windows, post a fresh hijackthis log

Also, can you do the following
download FindAWF:
http://noahdfear.net/downloads/FindAWF.exe

Save the file to the Desktop
Double-click the FindAWF icon.

If a Security Alert shows, allow the program to run.
As instructed, press any key to continue.
Use the following option: Press 1 then Enter to scan for bak folders
The scan may take a while, please be patient.

When done, a text file, Find AWF report is produced.
Please provide Find AWF report in your reply.
« Last Edit: November 30, 2007, 03:45:03 AM by guestolo »
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #13 on: December 02, 2007, 10:54:40 PM »
Find AWF report by noahdfear ©2006
               Version 1.40

The current date is: 2007-12-02
The current time is: 19:47:34.09


  bak folders found
  ~~~~~~~~~~~



  Duplicate files of bak directory contents
  ~~~~~~~~~~~~~~~~~~~~~~~



  end of report


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53, on 2007-12-02
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {38911EED-5726-41B4-9612-265534EC7A13} (Address Magic Web Edition Download Stub) - http://www.returnpath.net/registration/WebEdition.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1103673948453
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/d2c89f6...all/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_6us.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,15/mcgdmgr.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://di.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion....ebio5_2_3_0.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcq_device -   - C:\WINDOWS\system32\dlcqcoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Verizon Internet Security Suite Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
O23 - Service: WUSB54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 9758 bytes
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
IE address bar is not working
« Reply #14 on: December 02, 2007, 11:23:11 PM »
Can you try disabling Pest patrol like this
Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- CA Pest Patrol Realtime Protection Service

Double click on it--- STOP the service--If running
In the drop down menu, change the startup type to Disabled
Reboot the machine
Try that registry fix.reg again


Verizon Internet security, is it not disallowing you to merge that registry fix is it?
Are you getting any prompts when trying to merge it?


Can I see 2 other logs, let's see what may be going on
Download [color=\"#008000\"]Deckard's System Scanner (dss.exe)[/color] to your desktop.
Close all applications and windows.
Double-click on dss.exe to run it and follow the prompts.
When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

Post the contents of  main.txt and extra.txt

Can you also try running "IE with no addon's"
Close IE>>then go to START>>All Programs>>accessories>>System tools
Do you have problems with search?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #15 on: December 03, 2007, 03:51:26 PM »
it said it was added to the registry, but I'll try this again.
Logged

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #16 on: December 03, 2007, 05:00:40 PM »
Main.txt...............................
Deckard's System Scanner v20071014.68
Run by Eric Jaick on 2007-12-03 13:33:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
91: 2007-12-03 21:33:42 UTC - RP1500 - Deckard's System Scanner Restore Point
90: 2007-12-03 11:00:45 UTC - RP1499 - Software Distribution Service 3.0
89: 2007-12-03 04:38:08 UTC - RP1498 - System Checkpoint
88: 2007-12-03 11:00:36 UTC - RP1497 - Software Distribution Service 3.0
87: 2007-12-02 11:00:54 UTC - RP1496 - Software Distribution Service 3.0


-- First Restore Point --
1: 2007-10-02 15:03:52 UTC - RP1410 - Software Distribution Service 3.0


Backed up registry hives.
Performed disk cleanup.

[color=\"red\"]Total Physical Memory: 511 MiB (512 MiB recommended).[/color]


-- HijackThis (run as Eric Jaick.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:34:49 PM, on 12/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Eric Jaick\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Eric Jaick.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Verizon\Verizon Internet Security Suite\pkR.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/...nst_current.cab
O16 - DPF: {38911EED-5726-41B4-9612-265534EC7A13} (Address Magic Web Edition Download Stub) - http://www.returnpath.net/registration/WebEdition.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.Email Removed.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1103673948453
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/d2c89f6...all/xscan53.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_6us.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,15/mcgdmgr.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://di.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.companion....ebio5_2_3_0.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcq_device -   - C:\WINDOWS\system32\dlcqcoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Verizon Internet Security Suite Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\Verizon Internet Security Suite\rpsupdaterR.exe
O23 - Service: Verizon Internet Security Suite Firewall (RP_FWS) - Verizon - C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
O23 - Service: WUSB54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 9790 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20071129-220957-187 O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
backup-20071129-220957-290 O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
backup-20071129-220957-436 O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
backup-20071129-220957-443 O4 - Startup: RegistryDefender.lnk = ?
backup-20071129-220957-706 O4 - HKCU\..\Run: [Registry Defender] "C:\Program Files\Registry Defender Trial\RegClean.exe"
backup-20071129-220957-792 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://us.mcafee.com/root/genericURL_gener...s/blank_nav.asp
backup-20071129-220957-824 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20071129-220957-952 O4 - HKLM\..\Run: [UERScw]  
backup-20071129-220957-959 O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Program Files\SpySpotter3\Defender.exe -startup
backup-20071130-233458-637 O4 - HKCU\..\Run: [Registry Defender] "C:\Program Files\Registry Defender Trial\RegClean.exe"
backup-20071130-233458-865 O4 - Startup: RegistryDefender.lnk = ?
backup-20071130-233459-520 O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cab
backup-20071130-233459-925 O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
backup-20071130-235314-558 O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 agp440 (Intel AGP Bus Filter) - c:\windows\\systemroot\system32\drivers\agp440.sys (file missing)
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R1 StarOpen - c:\windows\system32\drivers\staropen.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.0.1) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.0.1>

S3 catchme - c:\docume~1\ericja~1\locals~1\temp\catchme.sys (file missing)
S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-12-03 13:17:00       256 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
2007-12-03 02:07:00       330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
2007-11-21 17:56:03       284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-11-03 and 2007-12-03 -----------------------------

2007-12-02 03:01:30         0 d-------- C:\Program Files\Windows Live Favorites
2007-11-28 15:24:53         0 d-------- C:\Program Files\Common Files\Java
2007-11-28 13:21:30      5110 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-28 12:47:21         0 d-------- C:\Program Files\Trend Micro
2007-11-27 16:13:30         0 d-------- C:\Program Files\Registry Defender
2007-11-17 09:18:03         0 d-------- C:\Program Files\Belltech Greeting Card Designer
2007-11-14 18:27:03         0 d-------- C:\Program Files\iTunes
2007-11-14 18:19:56         0 d-------- C:\Program Files\QuickTime


-- Find3M Report ---------------------------------------------------------------

2007-12-03 12:53:08         0 d-------- C:\Program Files\Dl_cats
2007-12-02 03:01:49         0 d-------- C:\Program Files\Windows Live Toolbar
2007-11-29 17:04:10         0 d-------- C:\Program Files\AIM
2007-11-29 17:04:03         0 d-------- C:\Documents and Settings\Eric Jaick\Application Data\Aim
2007-11-29 16:37:54         0 d-------- C:\Program Files\Windows Defender
2007-11-29 15:35:18         0 d-------- C:\Program Files\Common Files
2007-11-28 15:25:35         0 d-------- C:\Program Files\Java
2007-11-28 14:53:33         0 d-------- C:\Program Files\Viewpoint
2007-11-28 10:40:20         0 d-------- C:\Program Files\Yahoo!
2007-11-21 22:37:58         0 dr-h----- C:\Documents and Settings\Eric Jaick\Application Data\yahoo!
2007-11-14 18:27:24         0 d-------- C:\Program Files\iPod
2007-11-13 08:44:17     23504 --a------ C:\Documents and Settings\Eric Jaick\Application Data\GDIPFONTCACHEV1.DAT
2007-11-09 09:09:26         0 d-------- C:\Documents and Settings\Eric Jaick\Application Data\Adobe
2007-10-25 07:29:48         0 d-------- C:\Program Files\AIM6
2007-10-20 09:52:54         0 d-------- C:\Program Files\Dell Photo AIO Printer 966
2007-10-20 09:52:54         0 d-------- C:\Program Files\Dell PC Fax
2007-10-19 08:13:07         0 d-------- C:\Program Files\Common Files\ODBC
2007-10-18 11:31:01         0 d-------- C:\Program Files\Corel
2007-10-18 11:29:15      5852 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-10-18 11:29:15       104 -r-hs---- C:\WINDOWS\system32\0F0B185FD7.sys
2007-10-17 21:42:24         0 d-------- C:\Program Files\Dell
2007-10-17 21:41:29         0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-17 21:31:35         0 d-------- C:\Program Files\Real
2007-10-17 21:31:26         0 d-------- C:\Program Files\McAfee.com
2007-10-17 21:31:07         0 d-------- C:\Program Files\Creative
2007-10-17 21:30:50         0 d-------- C:\Program Files\Apple Software Update


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/06/2003 11:16 AM]
"DLCQCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll" [10/15/2006 09:31 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/13/2007 08:02 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [10/04/2007 07:20 AM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:54 PM]

C:\Documents and Settings\Eric Jaick\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 7:00:00 AM]
V CAST Music Monitor.lnk - C:\Program Files\Verizon Wireless\V CAST Music\V CAST Music Monitor.exe [11/30/2005 8:32:10 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]
DESKTOP.INI [9/3/2002 7:00:00 AM]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [11/12/2003 8:30:59 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/12/2001 9:01:04 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"




-- End of Deckard's System Scanner: finished at 2007-12-03 13:35:46 ------------

extra.txt.......................................................................
............
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.66GHz
Percentage of Memory in Use: 52%
Physical Memory (total/avail): 510.98 MiB / 242.21 MiB
Pagefile Memory (total/avail): 1248.46 MiB / 1008.65 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1928.57 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 74.46 GiB total, 47.8 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (No Media)

\\.\PHYSICALDRIVE0 - WDC WD800BB-75CAA0 - 74.5 GiB - 2 partitions
  \PARTITION0 - Unknown - 39.19 MiB
  \PARTITION1 (bootable) - Installable File System - 74.46 GiB - C:

\\.\PHYSICALDRIVE1 - Dell USB Mass Storage USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FW: Verizon Internet Security Suite Firewall v6.0.1 (Verizon)
AV: Verizon Internet Security Suite Anti-Virus v6.0.1 (Verizon)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Eric Jaick\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=D39GNS31
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Eric Jaick
LOGONSERVER=\\D39GNS31
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\CA\PPRT\bin;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ERICJA~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ERICJA~1\LOCALS~1\Temp
USERDOMAIN=D39GNS31
USERNAME=Eric Jaick
USERPROFILE=C:\Documents and Settings\Eric Jaick
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Eric Jaick (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

 --> "C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S /R
 --> C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
 --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
 --> C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
 --> C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
 --> mshta res://C:\PROGRA~1\MyWay\myBar\1.bin\mybar.dll/101
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9  /remove
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9  /remove
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9  /remove
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9  /remove
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9  /remove
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9  /remove
 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint --> MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Atmosphere Player for Acrobat and Adobe Reader --> C:\WINDOWS\atmoUn.exe
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.5 Language Support --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-7050000000A7}
Adobe Reader 7.0.9 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Authentium AntiVirus SDK - 2 --> MsiExec.exe /I{1ACE3F9D-CDA4-4F39-9605-334CF37A1579}
Belltech Greeting Card Designer 5.0 --> "C:\Program Files\Belltech Greeting Card Designer\unins000.exe"
Caplio RR30 Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56CE64EA-4AD7-41CA-86F5-40886E642686}\setup.exe" anything
Conexant SmartHSFi V92 56K DF PCI Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2702\HXFSETUP.EXE -U -IDel8d8xk.INF
Corel Paint Shop Pro X --> MsiExec.exe /I{1A15507A-8551-4626-915D-3D5FA095CC1B}
Dell Media Experience --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe"  -uninstall
Dell PC Fax --> C:\Program Files\Dell PC Fax\Install\x86\Uninst.exe /R:faxunst
Dell Photo AIO Printer 966 --> C:\Program Files\Dell Photo AIO Printer 966\Install\x86\Uninst.exe
Dell Solution Center --> MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
Dell Support 5.0.0 (766) --> rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
DS21Patch --> MsiExec.exe /I{9B79DCB0-AAD7-456B-8D07-433C936FA24B}
DVDSentry --> MsiExec.exe /I{98DF85D9-96C0-4F57-A92E-C3539477EF5E}
FaxTools --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x9 ControlPanel
Form Fill (Windows Live Toolbar) --> MsiExec.exe /X{548B3DC6-2300-47E1-BA7B-74AD25F8DEBF}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar5.dll"
GoToMeeting/GoToWebinar 3.0.0.198 --> C:\Program Files\Citrix\GoToMeeting\198\G2MUninstall.exe /uninstall
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel® PROSet --> MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
iPod for Windows 2005-10-12 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D9F4A9F8-92C5-4289-9D04-F0F8F02D580A} /l1033
iPod Updater 2004-10-20 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{510D7787-C1B3-472C-86DF-C06273DAE60B} /l1033
iPod Updater 2004-11-15 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{06E73C0B-7DE7-4F41-860B-587033B75BD9} /l1033
iTunes --> MsiExec.exe /I{E3FEE4E7-4488-4A3F-A6BD-13745936EADB}
Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java(tm) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
LG USB Drivers --> C:\PROGRA~1\LGDRIV~1\LGUSBD~1\UNWISE.EXE C:\PROGRA~1\LGDRIV~1\LGUSBD~1\INSTALL.LOG
Linksys Wireless-G USB Network Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C7EEF2B9-8C16-4A04-B98D-B1A952A47E55}\setup.exe" -l0x9
Map Button (Windows Live Toolbar) --> MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft LifeCam --> MsiExec.exe /X{53B3BB85-33F0-4523-8E61-673A2E03C4FE}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
NoAdware v5.0 --> "C:\Program Files\NoAdware5.0\unins000.exe"
Notification Utility --> "C:\Program Files\altpayV2\altpayV2.exe" /Uninstall
NVIDIA Display Driver --> C:\WINDOWS\System32\nvudisp.exe Uninstall C:\WINDOWS\System32\nvdisp.nvu,NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvdd.inf
OneCare Advisor (Windows Live Toolbar) --> MsiExec.exe /X{53B2CFE9-A508-4457-B2CA-5D253536BFB7}
PerfectDisk --> MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7}
PlayLinc --> MsiExec.exe /I{008EF266-872C-4D71-9D9D-C4A9B9B733D7}
Popup Blocker (Windows Live Toolbar) --> MsiExec.exe /X{66A7A386-6F35-41A7-A731-101F0C0153C8}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall
PPSDKRedistributables --> MsiExec.exe /I{C869F4FF-E5FF-4FBB-9A31-33C23605E170}
Print to Fax --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BF2B19D-9C79-492A-8969-F059F06A627F}\setup.exe" -l0x9 ControlPanel
QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
Radialpoint Security Services --> MsiExec.exe /X{5DFDEAAA-E050-482E-A5B6-138CAE53F7BF}
RealOne Player --> C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
Registry Defender --> "C:\Program Files\Registry Defender\Uninstall.exe" "C:\Program Files\Registry Defender\install.log" -u
Rhapsody Player Engine --> MsiExec.exe /I{8A62A068-3FD6-495A-9F66-26FE94F32EC9}
RPS Ad Blocker --> MsiExec.exe /I{42BB4641-F08B-406A-92D3-8B602AA4105A}
RPS AntiFraud --> MsiExec.exe /I{021ED907-41E1-4610-9F60-C5752C46302C}
RPS AntiSpyware --> MsiExec.exe /I{151E93D6-FCE5-4EC0-99E8-CB73D20A1670}
RPS AntiVirus --> MsiExec.exe /I{1CFE4B69-0CCF-4BE7-8627-EA7BF46CB602}
RPS App Detector --> MsiExec.exe /I{DBDBF6F0-08D9-48FB-BF70-EDB4867285B8}
RPS AsRealtime --> MsiExec.exe /I{5B47B6C1-DC60-4E5C-8DC7-C2304939CD16}
RPS Backup --> MsiExec.exe /I{0DC160EA-5AC0-4ECD-9381-D3C9DBB38647}
RPS Burn --> MsiExec.exe /I{039612F9-B264-4B7C-8170-AAA908643962}
RPS Diagnostic Utility --> MsiExec.exe /I{1908B36C-5AFE-495D-A9D9-14A0E5AB1056}
RPS Firewall --> MsiExec.exe /I{473150B1-E053-42A1-B521-634918D2442B}
RPS ParentalControl --> MsiExec.exe /I{7F71F140-FFEB-405B-BFFC-797A4358651C}
RPS Performance Tool --> MsiExec.exe /I{55728951-F14D-4292-8809-8CB13E3FEB28}
RPS PopupBlocker --> MsiExec.exe /I{949F8F97-80C8-47F2-A9BF-C99563EE2FAD}
RPS Privacy Manager --> MsiExec.exe /I{6FB8EC0E-63B8-41F6-894A-1C098A7584AB}
RPS RpsCore --> MsiExec.exe /I{A7F98C80-0B0A-4615-AF9B-CEB17171FEF7}
RPS Security Cleanup --> MsiExec.exe /I{DE420E21-64D3-48A6-AB03-2F0C9B7B6916}
RPS Zip --> MsiExec.exe /I{913A0A14-0092-4257-92E6-F8CBEDD858A0}
Rugby 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEFB418D-D277-43B0-9BA9-C5402455E625}\Setup.exe" -l0x9
Samsung USB Driver (MCCI 4.24 WHQL) --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{439E56F4-F8CC-4886-B7A4-E8024ED39C6C}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Shockwave --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
Smart Menus (Windows Live Toolbar) --> MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
SolSuite 2007 v7.7 --> "C:\Program Files\SolSuite\unins000.exe"
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sound Blaster Live! --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}\setup.exe" -l0x9
TurboTax Deluxe 2005 --> C:\Program Files\TurboTax\Deluxe 2005\TaxUnst.EXE "C:\Program Files\TurboTax\Deluxe 2005\Uninstall.log" -NoGui
TurboTax ItsDeductible 2005 --> MsiExec.exe /X{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}
V CAST Music --> MsiExec.exe /X{3249FD43-B24B-413F-B786-F8FEA32FA747}
Verizon Internet Security Suite --> C:\Program Files\InstallShield Installation Information\{160B9401-0B67-41CF-A12A-41CE64C8B857}\setup.exe -runfromtemp -l0x0009 -removeonly
Verizon Online DSL --> C:\Program Files\Common Files\SupportSoft\Verizon\vzuninstall.exe /starthidden
Verizon Online Help & Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25EF03E6-F17B-11D6-88EA-000476CD2443}\setup.exe" -l0x9  UNINSTALL -removeonly
Verizon Servicepoint 1.5.12 --> "C:\Program Files\Verizon\VSP\unins000.exe"
WildTangent Web Driver --> C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Windows Defender --> MsiExec.exe /I{B2D7CE29-614A-4ACC-8BFE-009EB3A244C9}
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Live Favorites for Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Outlook Toolbar (Windows Live Toolbar) --> MsiExec.exe /X{35E1A8C8-6646-4101-B0AA-42D1EB2AB3AE}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar --> MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar Extension (Windows Live Toolbar) --> MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
Windows Live Toolbar Feed Detector (Windows Live Toolbar) --> MsiExec.exe /X{68108E66-D13A-4EE8-A6F4-40E4B90C2A26}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Yahoo! extras --> C:\PROGRA~1\Yahoo!\Common\unyext.exe
Yahoo! Install Manager --> C:\WINDOWS\System32\regsvr32 /u C:\WINDOWS\DOWNLO~1\YINSTH~1.DLL
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
Yahoo! Mail Quick Select Tool (PhotoMail) --> C:\PROGRA~1\Yahoo!\Common\unymb.exe
Yahoo! Photos Easy Upload Tool --> C:\Program Files\Yahoo!\Common\ydropper_uninst.exe /ylog=C:\PROGRA~1\Yahoo!\Photos\Uploader\install.log


-- Application Event Log -------------------------------------------------------

Event Record #/Type8260 / Error
Event Submitted/Written: 12/03/2007 04:59:01 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16544, faulting module flash9c.ocx, version 9.0.45.0, fault address 0x00099baf.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type8217 / Error
Event Submitted/Written: 12/01/2007 00:58:59 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16544, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type8216 / Error
Event Submitted/Written: 12/01/2007 00:58:57 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16544, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type8212 / Error
Event Submitted/Written: 12/01/2007 09:07:58 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application iexplore.exe, version 7.0.6000.16544, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type8211 / Error
Event Submitted/Written: 12/01/2007 00:01:25 AM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 513721658.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type189361 / Error
Event Submitted/Written: 12/03/2007 01:25:41 PM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\MFC80.DLL.
Reference error message: The operation completed successfully.
.

Event Record #/Type189360 / Error
Event Submitted/Written: 12/03/2007 01:25:41 PM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

Event Record #/Type189359 / Error
Event Submitted/Written: 12/03/2007 01:25:41 PM
Event ID/Source: 32 / SideBySide
Event Description:
Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.

Event Record #/Type189341 / Error
Event Submitted/Written: 12/03/2007 01:25:13 PM
Event ID/Source: 59 / SideBySide
Event Description:
Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\MFC80.DLL.
Reference error message: The operation completed successfully.
.

Event Record #/Type189340 / Error
Event Submitted/Written: 12/03/2007 01:25:13 PM
Event ID/Source: 59 / SideBySide
Event Description:
Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.



-- End of Deckard's System Scanner: finished at 2007-12-03 13:35:46 ------------
Logged

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #17 on: December 03, 2007, 05:06:14 PM »
I ran IE with no add-ons and the address bar works.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
IE address bar is not working
« Reply #18 on: December 03, 2007, 10:26:20 PM »
By trial and error, run IE normally and then go to Tools>>manage addons
Disable all addons
Renable one at a time and see which one is causing problems
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline jaicksmom

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
IE address bar is not working
« Reply #19 on: December 03, 2007, 11:19:38 PM »
THANK YOU.  It was an add-on from Yahoo.  My address bar is working again.  I'm sorry it was so much work - I appreciate your patience and your help!
Logged
Pages: [1] 2
« previous next »